Fortinet Releases High-Risk Security Vulnerability in FortiOS SSL VPNs

Fortinet has released a FortiOS SSL VPN high-risk security vulnerability (Vulnerability CVE: CVE-2024-21762) that may have been exploited in the wild.

background:

Fortinet Headquartered in Sunnyvale, California, Fortinet has been leading the way for more than two decades.cyber securityIndustry innovation and development, and continue to promote the convergence of network and security. Our mission is to build a trusted digital world by securing people, devices and data wherever they are. To that end, we have over 50 enterprise-classcyber securityFortinet's security products are the industry's broadest, most integrated portfolio of solutions for building proven digital security wherever you need it. With the industry's largest number of patents and certifications from leading organizations, Fortinet security solutions are trusted by users around the world, with more than 680,000 users globally, making it the security vendor with the largest number of solutions deployed in the industry.

Fortinet disclosed theFortiOS SSL VPNa new critical security vulnerability that has been reported as possibly having been exploited in the wild.

Vulnerability Details

Vulnerability Number:CVE-2024-21762

CVSS Score: 9.6 Detailed Description:An out-of-bounds write vulnerability [CWE-787] has been identified in FortiOS, which could allow remote, unauthenticated attackers to execute arbitrary code or commands via specially crafted HTTP requests.

Affected versions

The FortiOS versions affected by this vulnerability are listed below; notably, FortiOS 7.6 is not affected.

FortiOS 7.4 (versions 7.4.0 to 7.4.2) - upgrade to 7.4.3 or above
FortiOS 7.2 (versions 7.2.0 through 7.2.6) - upgrade to 7.2.7 or above
FortiOS 7.0 (versions 7.0.0 to 7.0.13) - upgrade to 7.0.14 or above
FortiOS 6.4 (versions 6.4.0 through 6.4.14) - upgrade to 6.4.15 or above
FortiOS 6.2 (versions 6.2.0 through 6.2.15) - upgrade to 6.2.16 or above
FortiOS 6.0 (all 6.0 versions) - Migrate to fixed version

security update

Fortinet has also released a program forCVE-2024-23108andCVE-2024-23109patches for vulnerabilities that affectFortiSIEMSupervisor, which allows remote unauthenticated attackers to execute unauthorized commands via specially crafted API requests.Fortinet reports that N-day security vulnerabilities in its software such as CVE-2022-42475 and CVE-2023-27997 are being exploited by different groups of activists to target various organizations.

Vulnerability Confirmation:

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2024-21762 to its Known Exploited Vulnerabilities (KEV) catalog on February 9, 2024, providing evidence of active exploitation in the wild.

Response

All Federal Civilian Executive Bodies (FCEBs) are required to apply fixes by February 16, 2024 to prevent potential threats.

This security snapshot highlights the growing threat to network edge devices due to a lack of Endpoint Detection and Response (EDR) support, especially against the backdrop of a tense global cybersecurity landscape. Organizations need to respond quickly to ensure cybersecurity.

Original article by Chief Security Officer, if reproduced, please credit https://cncso.com/en/fortinet-warns-of-new-fortios-zero-day-html

Like (0)
Previous February 7, 2024 at 7:01 pm
Next February 10, 2024 at 7:50 pm

related suggestion